Detections
Analytics
SuSE9 Security Update : telnet (YOU Patch Number 10238)
high Nessus Plugin ID 41074
Synopsis
The remote SuSE 9 host is missing a security-related patch.Description
The telnet client protocol can be abused by a malicious server to read the environment of the client site. The information can be used as preparation for further attacks. This bug can also be exploited by using the telnet:// URL on a web-site and letting the web-browser fork a telnet client. This bug was reported by iDEFENSE [IDEF0865].Note that this patch changes the behaviour of the telnet client regarding the rule of exported environment variables. Please consult the man page for further details.
Solution
Apply YOU patch number 10238.Plugin Details
Severity: High
ID: 41074
File Name: suse9_10238.nasl
Version: 1.8
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 9/24/2009
Updated: 1/14/2021
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/o:suse:suse_linux
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 6/10/2005